White hat or Black hat, hacking demands good grasp of all sysadmin works. The usage style we show on this website are intended for testing security of own servers - that is white hat way. We have a list of essential security tools for GNU/Linux servers. Metasploit framework needs Ruby, Postgre SQL, Java etc. Here is how to install Metasploit on Ubuntu 16.04 LTS to test security of servers.Off … [Read more...]
Linux
Linux or more correctly GNU/Linux refers to the family of free UNIX-like computer operating systems using the Linux kernel. GNU/Linux can be installed on a wide variety of computer hardware.
Fail2Ban Log Analysis Bash Script For Report Generation
Previously we gave some complicated commands to our readers who use Fail2Ban and needs some checking. Other way was using BadIPs for creation of graph. Fail2Ban log analysis bash script is for report generation as list of attacker IPs, banned, unbanned, password attempts sorted by date, country. We written this easy script using various commands and we think it is useful to any sysadmin to quickly … [Read more...]
Installing GeoIP Module On Apache2, Ubuntu 16.04
We did it before but for Nginx (you can look - Installing GeoIP On Nginx). We need this to use GoAcesss log analyzer like tools, Piwik etc. WordPress like modern CMS use PHP based function and needs no server side work. Installing GeoIP Module On Apache2, Ubuntu 16.04 Needs Some Manual Steps After Running Installation Command. Sample PHP file supplied to test. Installing GeoIP … [Read more...]
How To Configure OCSP Stapling On Apache 2.4+
Previously we talked about OCSP, OCSP Stapling and OCSP Stapling on Nginx. Now, we will configure OCSP Stapling In Apache 2.4 It is important to avoid some settings of OCSP Stapling on a production website as it can give errors like OCSP Response Expired or just in case of Nginx 502. Here is how to configure OCSP Stapling on Apache 2.4+ with full configuration. These are among TLS optimisazion. In … [Read more...]
How To Perform Security Audits On Ubuntu 16.04 (With Lynis)
Security audit in our case is am automatic technical assessment of our server and web applications in the context of security by performing security vulnerability scans, reviewing application and operating system access controls some softwares or scripts. At the ens, we will gather a software generated audit report. Here is how to perform security audits on Ubuntu 16.04 with Lynis and other tools … [Read more...]
Install, Configure Advanced Policy Firewall (AFP) On Ubuntu 16.04
If you are a new user, you should not follow this guide for production sever but follow our basic server setup guide and IPTables guide to configure your firewall. New users can follow this guide with test/development servers. Advanced Policy Firewall is an iptables based firewall. Here is how to install, configure Advanced Policy Firewall (AFP) on Ubuntu 16.04. It is essentially an interface to … [Read more...]
Ubuntu 16.04 Apache2 HTTP/2, HSTS : Steps + Configuration
As we said before - we are no longer supporting to install, configure Nginx but we are back to support Apache2 mainly for their odd idea to involve community to develop modules for free and distribute with paid product. Additionally, Nginx 502 error is a nightmare. Apache2 at current cost of web hosting not exactly bad. Here is a full working guided steps to setup Ubuntu 16.04 Apache2 HTTP/2, HSTS … [Read more...]
How To Install, Configure & Run Malware Detect (maldet) On Linux Server
Previously, we talked about a bunch of anti malware for GNU/Linux servers. That list essentially was for the purpose of our future guides around those softwares. Here is a step by step complete guide on how to install, configure & run malware detect (maldet) on linux server with Ubuntu server commands as example. Reader needs not much experience to get used and work.Again - Linux Malware … [Read more...]